TMS zl Management and Configuration Guide ST.1.1.100226
7-52
Virtual Private Networks
Configure an IPsec Client-to-Site VPN
Figure 7-40. Example IPsec Client-to-Site VPN
3 The actual IP addresses of
remote VPN clients
Single-entry or multiple-entry IP,
range, or network address object
*If IKE mode config is not used
and you want to use this object in
an IPsec policy, the object must
be single-entry.
• Source or Destination for
firewall access policies that
permit IKE traffic
• If IKE mode config is not used:
– Remote Address in the
IPsec policy traffic selector
– Source or Destination for
firewall access policies
that permit traffic sent
across the VPN
4 The virtual IP addresses assigned
to remote VPN clients using IKE
mode config
Single-entry IP, range, or network
address objects
• Remote Address in the IPsec
policy traffic selector
• Source or Destination for
firewall access policies that
permit traffic sent across the
VPN
Example
Figure
Reference
Named Object Description Named Object Type Location Where the Named
Object is Specified